PE-IoT

Policy driven Privacy Enhanced Technologies (PET) enforcement on Internet of Things (IoT) data flows

Policy driven Privacy Enhanced Technologies (PET) enforcement on Internet of Things (IoT) data flows Contact Person:

Sharad Mehrotra

Other PIs/Investigators/PhD students:

Nalini Venkatasubramanian
Shantanu Sharma
Roberto Yus
Sameera Ghayyur
Primal Pappachan
Guoxi Wang

Project Summary:

IoT service provision commonly relies on environmental or user data from other data  providers(e.g. network provider, water agency, building management). However, different privacy laws and regulations such as European General Data Protection Requirement (GDPR) and California Consumer Privacy Act (CCPA) have made it mandatory for service providers to provide the users with capabilities to express privacy requirements on their data consumed by the services. Policies have emerged as an important mechanism for specification of privacy requirements and Privacy Enhancing Technologies (PETs), such as differential privacy, data scrubbing and encryption technologies, are different ways to realize the privacy needs expressed in policies. PE-IoT (Privacy Enhanced-Internet of Things) controls data captured by IoT sensors to services after applying appropriate PETs to their data flows. PE-IoT constructs different workflows for the incoming data from various IoT sensors depending on the policies set by users and data managers. In these data workflows, the data may undergo different transformations depending on the choice of PETs expressed in the privacy policies. PE-IoT, in addition to exploring a variety of PETs and policy mechanism that apply to sensor data streams, explores issues of performance, reliability and fault tolerance when processing sensor data streams